CVE-2025-7780
BaseFortify

Publication date: 2025-07-24

Last updated on: 2025-07-25

Assigner: Wordfence

Description
The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.9.4. The simpleTranscribeAudio endpoint fails to restrict URL schemes before calling get_audio(). This makes it possible for authenticated attackers, with Subscriber-level access and above, to read any file on the web server and exfiltrate it via the plugin’s OpenAI API integration.
Meta Information
Published: 2025-07-24
Last Modified: 2025-07-25
Generated: 2026-05-07
AI Q&A: 2025-07-24
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
wordpress ai_engine 2.9.5
wordpress ai_engine 2.9.4
CWE ID Description
CWE-200 The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-7780 is a vulnerability in the AI Engine WordPress plugin (version 2.9.4 and earlier) where the simpleTranscribeAudio endpoint does not properly restrict URL schemes before calling get_audio(). This allows authenticated users with Subscriber-level access or higher to read any file on the web server and exfiltrate it via the plugin's OpenAI API integration. The issue is related to improper validation of URL schemes, leading to sensitive information exposure. [1]


How can this vulnerability impact me?

This vulnerability can allow an authenticated attacker with Subscriber-level access or above to read any file on the web server, potentially exposing sensitive information stored on the server. Attackers can exfiltrate this data through the plugin's OpenAI API integration, leading to data breaches and unauthorized disclosure of confidential files. Additionally, related vulnerabilities in the plugin could allow unauthorized file uploads and remote code execution if exploited. [1]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

This vulnerability can lead to unauthorized exposure of sensitive information stored on the web server, which may include personal data protected under regulations like GDPR and HIPAA. Such data breaches can result in non-compliance with these standards, potentially causing legal penalties, reputational damage, and the need for breach notifications. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection can focus on monitoring for suspicious API calls to the simpleTranscribeAudio endpoint that include unusual URL schemes or attempts to access local files. Network monitoring tools can be used to detect outbound requests to unexpected URLs or exfiltration attempts via the plugin's OpenAI API integration. Additionally, reviewing web server logs for authenticated users with Subscriber-level access making requests to the vulnerable endpoint may help identify exploitation attempts. Specific commands depend on your environment, but examples include using grep on web server logs to find calls to 'simpleTranscribeAudio' or using network monitoring tools like tcpdump or Wireshark to capture suspicious traffic. For example, a command to search Apache logs: `grep 'simpleTranscribeAudio' /var/log/apache2/access.log`. [1]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to update the AI Engine WordPress plugin to version 2.9.5 or later, where the vulnerability has been fixed by validating URL schemes and sanitizing REST API parameters. Additionally, ensure strict file type validation is enabled to prevent unauthorized file uploads and execution. If updating immediately is not possible, restrict access to the vulnerable endpoint to trusted users only and monitor for suspicious activity. Applying these steps will reduce the risk of exploitation. [1]
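To illustrate the two fix measures the answer above names (validating the URL scheme before the fetch and sanitizing the REST parameter), here is a hardened WordPress REST callback written for this page; it is an added example, not the AI Engine plugin's code, and the route name, the `url` parameter and the `example_*` function names are assumptions.

```php
<?php
// Added example (not AI Engine's code): a REST route that fetches remote audio
// only after the caller-supplied URL passed scheme and destination checks.
// Route, parameter and function names are hypothetical.

add_action( 'rest_api_init', function () {
    register_rest_route( 'example/v1', '/transcribe', array(
        'methods'             => 'POST',
        'callback'            => 'example_transcribe_audio',
        // Only logged-in users allowed to upload files reach the callback.
        'permission_callback' => function () {
            return current_user_can( 'upload_files' );
        },
        'args' => array(
            'url' => array(
                'required'          => true,
                // Sanitize the REST parameter before it is ever used.
                'sanitize_callback' => 'esc_url_raw',
                'validate_callback' => 'example_is_safe_remote_url',
            ),
        ),
    ) );
} );

// Accept only http(s) URLs that WordPress considers safe to fetch.
// wp_http_validate_url() returns false for any other scheme and for hosts
// that resolve to the local machine or to private address ranges.
function example_is_safe_remote_url( $url ) {
    $scheme = wp_parse_url( $url, PHP_URL_SCHEME );
    if ( ! in_array( $scheme, array( 'http', 'https' ), true ) ) {
        return false;
    }
    return false !== wp_http_validate_url( $url );
}

// Fetch the audio through the safe HTTP API rather than a raw file read;
// wp_safe_remote_get() re-validates the URL and any redirect targets.
function example_transcribe_audio( WP_REST_Request $request ) {
    $url      = $request->get_param( 'url' );
    $response = wp_safe_remote_get( $url, array( 'timeout' => 20 ) );
    if ( is_wp_error( $response ) ) {
        return new WP_Error( 'fetch_failed', 'Audio could not be retrieved.', array( 'status' => 400 ) );
    }
    $audio = wp_remote_retrieve_body( $response );
    // Hand $audio to the transcription backend here.
    return rest_ensure_response( array( 'bytes' => strlen( $audio ) ) );
}
```

With these checks in place a `file://` or other non-HTTP URL is rejected by the validate callback before the fetch runs, which is the class of input the description says the unpatched endpoint did not restrict.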

